NNTP-Posting-Host (was Re: ietf-nntp BCP for RFC977 server/RFC1036 interaction)
Ade Lovett
ade at demon.net
Sun Apr 6 21:53:09 PDT 1997
Brian Kantor writes:
>
>NNTP-Posting-Host was intended to be viewed by humans, not to be machine
>parsed. I put it in there to aid in tracing forged article submissions.
>I like the idea that both hostname and IP address be placed in the
>header, but consider this:
>
> [various problems snipped]
If this header is meant only to be human-readable (which is the way I
read things, and it would seem that Brian is in agreement), then
why not simply save ourselves a whole bunch of effort and state:
NNTP-Posting-Host:
If present, this header will contain information about the
entity (human and/or machine) that posted the original
article.
Servers SHOULD make every effort to provide as much
information as possible, within the constraints of the
underlying network protocol(s) being used.
If this header is present during a POST transaction, the
server MUST remove it before passing the article onwards
(to prevent forgery-attempts) and replace it as detailed
above.
The actual content of this header is NOT defined, though
some suggested examples follow:
<add in suitable examples here>
Does this seem reasonable?
-aDe
--
Ade Lovett, Demon Internet Ltd.
More information about the ietf-nntp
mailing list